package com.servlet.yanzheng;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

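/**
 * Login servlet: checks the submitted verification code against the one stored
 * in the session, then looks the user up in {@code emai_user} and redirects to
 * a landing page chosen by the row's {@code E_STATUS} value.
 *
 * <p>Open review points that this class cannot fix on its own:
 * <ul>
 * <li>The database account and password are hard-coded in the source; they
 * should come from container configuration (for example a JNDI DataSource).</li>
 * <li>The query compares the submitted password with the stored column
 * directly, which implies passwords are stored unhashed. They should be stored
 * with a password hashing scheme (bcrypt/scrypt/argon2) and verified in code.</li>
 * <li>The session identifier is not renewed after a successful login; renew it
 * where the servlet API in use supports that, to prevent session fixation.</li>
 * <li>The verification code in the session stays valid after a comparison, so
 * one solved code can back many password attempts. NOTE(review): make it
 * single-use once it is confirmed the login page regenerates it on reload.</li>
 * </ul>
 */
public class LoginYanZ extends HttpServlet {
	/** JDBC URL of the local Oracle instance that holds the user table. */
	private static final String JDBC_URL = "jdbc:oracle:thin:@localhost:1521:ORCL";

	/**
	 * Credential lookup with bind parameters, so request values are never parsed
	 * as SQL. NOTE(review): if e_user_id or e_password are CHAR columns, bound
	 * values compare without blank padding; confirm the column types.
	 */
	private static final String LOGIN_QUERY =
			"select E_STATUS from emai_user where e_user_id=? and e_password=?";

	/**
	 * Delegates to {@link #doPost}. NOTE(review): accepting logins over GET puts
	 * the password in the URL, where access logs, browser history and Referer
	 * headers can record it; kept only for compatibility with existing callers.
	 */
	@Override
	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doPost(request, response);
	}

	/**
	 * Authenticates the request parameters {@code username}, {@code userpaw} and
	 * {@code randcord}.
	 *
	 * <p>On success the session attributes {@code id} and {@code login} are set
	 * and the client is redirected to {@code FrastPage.jsp} (E_STATUS "1") or
	 * {@code putong.jsp}. On a wrong verification code or wrong credentials the
	 * client is redirected to {@code ./Login.html}. A database failure is logged
	 * and answered with HTTP 500.
	 *
	 * @param request  the login request
	 * @param response the response used for the redirect or error status
	 * @throws ServletException declared by the servlet contract
	 * @throws IOException      if the redirect or error response cannot be sent
	 */
	@Override
	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		request.setCharacterEncoding("UTF-8");
		response.setCharacterEncoding("UTF-8");
		HttpSession session = request.getSession(true);
		// Inactivity timeout is given in seconds.
		session.setMaxInactiveInterval(20000);

		String uersname = request.getParameter("username");
		String mima = request.getParameter("userpaw");
		String veryCord = request.getParameter("randcord");

		// The stored code is absent when no verification code was issued for this
		// session; treat that as a mismatch instead of failing with a
		// NullPointerException.
		String veryCord1 = (String) session.getAttribute("check");
		if (veryCord1 == null || !veryCord1.equals(veryCord)) {
			response.sendRedirect("./Login.html");
			return;
		}

		// Missing credentials can never match a row; skip the database round trip.
		if (uersname == null || mima == null) {
			session.removeAttribute("login");
			response.sendRedirect("./Login.html");
			return;
		}

		Connection conn = null;
		PreparedStatement stm = null;
		ResultSet rs = null;
		try {
			Class.forName("oracle.jdbc.driver.OracleDriver");
			conn = DriverManager.getConnection(JDBC_URL, "scott", "tiger");
			stm = conn.prepareStatement(LOGIN_QUERY);
			stm.setString(1, uersname);
			stm.setString(2, mima);
			rs = stm.executeQuery();
			if (rs.next()) {
				String x = rs.getString("E_STATUS");
				// Bind the identity to the session only after the credentials
				// verify; writing it before the check would let any request
				// overwrite the identity held by an already authenticated session.
				session.setAttribute("id", uersname);
				session.setAttribute("login", "1");
				// E_STATUS only selects the landing page; both kinds of account
				// are marked as logged in.
				response.sendRedirect("1".equals(x) ? "FrastPage.jsp" : "putong.jsp");
			} else {
				session.removeAttribute("login");
				response.sendRedirect("./Login.html");
			}
		} catch (ClassNotFoundException e) {
			failLogin(response, e);
		} catch (SQLException e) {
			failLogin(response, e);
		} finally {
			closeQuietly(rs, stm, conn);
		}
	}

	/**
	 * Records a backend failure in the container log and answers with a generic
	 * HTTP 500, so no driver or SQL detail reaches the client.
	 */
	private void failLogin(HttpServletResponse response, Exception cause)
			throws IOException {
		log("Login lookup failed", cause);
		if (!response.isCommitted()) {
			response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
		}
	}

	/** Releases the JDBC resources in reverse order of acquisition. */
	private static void closeQuietly(ResultSet rs, Statement stm, Connection conn) {
		if (rs != null) {
			try {
				rs.close();
			} catch (SQLException ignored) {
				// Nothing useful can be done if close fails.
			}
		}
		if (stm != null) {
			try {
				stm.close();
			} catch (SQLException ignored) {
				// Nothing useful can be done if close fails.
			}
		}
		if (conn != null) {
			try {
				conn.close();
			} catch (SQLException ignored) {
				// Nothing useful can be done if close fails.
			}
		}
	}
}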
